Invited Speaker, "Learning lessons from the past: Case Studies of what can happen during an intrusion, and what can happen when someone tries to stop it," NorthWest Academic Computing Consortium (NWACC) Security Working Group, Portland, OR, September 30, 2015

Panelist, "Securing Cyberspace Starting at the Local Level," University of Washington Tacoma, with Mike Hamilton, Anderson Nacimiento, and Chris Richardson, January 21, 2015

Panelist, "The Anatomy of Data Security Breaches: The Evolving Landscape for Offenders and Law Enforcement Response," with James M. Aquilina (Stroz Friedberg LLC) and Jenny A. Durkan (former US Attorney, Western District of Washington), The Second Annual Comprehensive Conference on Cybersecurity Law, Seattle, Washington, January 12, 2015

Panelist, "Anatomy of Data Security Breaches: Who is Behind Them,; How Law Enforcement and Targets Respond," with Richard D. Boscovich (Microsoft) and Jenny A. Durkan (US Attorney, Western District of Washington), Cybersecurity Law and Strategies Conference, Seattle, Washington, January 27, 2014

"Data Breach Then and Now" (Keynote presentation), by David Dittrich, Information Assurance, Network Forensics, Industry and Educators Workshop, September 8, 2011 (Hosted by Highline Community College, Funded by NSF Grant # DUE 0919593)

"Human Subjects, Agents, or Bots: Current Issues in Ethics and Computer Security Research," by John Aycock, Elizabeth Buchanan, Scott Dexter, and David Dittrich, in Workshop on Ethics in Computer Security 2011, St. Lucia, April, 2011 [Local copy of paper and slides]

[Network World published a story about the panel. The discussion of DDoS tool relates to the Trinoo Distributed Denial of Service Tool writeup, in which I wrote, "During investigation of these intrusions, the installation of a trinoo network was caught in the act and the trinoo source code was obtained from the account used to cache the intruders' tools and log files. This analysis was done using this recovered source code." The hole in question that I used to copy the files (a ++ in a .rhosts file, granting anyone on the internet the ability to access the account) is depicted in this [anonymized] command: echo"rcp192.168.0.1:leaf/usr/sbin/rpc.listen" in generating a script that was then run on the compromised computer. While I did get permission to view the files, the questionable action was that I had initiated the copying before I had finished identifying someone who could authorize the action and grant me permission. They did, and asked me to promise I would give them full details of how their system was compromised and used, to never disclose the name of their company, or publish any customer data. I have adhered to all aspects of this promises.]

Panelist on the Diane Rehm show (WAMU radio, NPR affiliate) along with Jeffrey Hunker (coordinator for security, infrastructure protection, and counter-terrorism for the National Security Council), James Adams (CEO of iDefense), and Elias Levy (SecurityFocus.com), February 17, 2000